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DETAILED ACTION 



Response to Arguments 

Applicant argues that Cathey and Holdsworth fail to teach the newly added limitation 
"each of the separate matching tables associated with that level comprising one or more entries 
each specifying a set of one or more values for the field associated with that level and each of the 
separate matching tables associated with a level corresponding to a different set of one or more 
values, for another field, specified by a respective one of a plurality of entries of another 
matching table associated with another level of the tree representation" 

The examiner believes this portion of the amendment to be clear: 

"each of the separate matching tables associated with that level comprising one or more entries 
each specifying a set of one or more values for the field associated with that level and each of the 
separate matching tables associated with a level corresponding to a different set of one or more 
values, " 

However, the last 2 lines are not clear, "specified by a respective one of a plurality of entries of 
another matching table associated with another level of the tree representation" 
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Are the other entries supposed to indicate that the levels correspond with each other? The 
support the applicant puts forth is only that a first level of a source address and a second level 
being a destination address. The examiner is not clear what exactly "specified by a respective 
one of a plurality of entries of another matching table associated with another level of the tree 
representation" specifies that the source address corresponds to a destination address. 

The examiner suggests the applicant rework the claim language to be more understandable and in 
line with the present invention. 

As per the USC 103 rejection in view of Cathey and Holdsworth, the examiner believes 
the current rejection meets the new claim limitations. Cathey teaches levels and data sets 
associated with predefined data. Holdsworth is relied upon to explicitly teach ACL lists. 
Cathey teaches a first level is source IP info, and a second level is Destination IP info. While 
Cathey does not EXPLICITLY state a different set of values, Cathey reads on a different set of 
values in each node, because using the same values would be unproductive to the objective of 
Cathey. Holdsworth also supports different values because if each ACL had the exact same 
values, then all of the ACL's would be worthless. Only 1 ACL would be needed for the entire 
invention. Cathey, like the present invention, as stated in the applican'ts support for the 
amendment, has a corresponding different set of values. The applicant has stated level 1 is 
source IP and level 2 is a corresponding level. Cathey teaches the same, as the decision is made 
based upon source IP which branch of different destination IP the data should be sent to. 

Thus the rejection below is similar to the previous rejection. 
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Claim Rejections - 35 USC §101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of matter, or 
any new and useful improvement thereof, may obtain a patent therefor, subject to the conditions and 
requirements of this title. 

The claimed invention is directed to no n- statutory subject matter. A process qualifies to be 
considered for patenting if it (1) is implemented with a particular machine that is, one 
specifically devised and adapted to carry out the process in a way that is not concededly 
conventional and is not trivial; or else (2) transforms an article from one thing or state to another. 

As per claim 20, Applicant sates "machine-readable storage medium" if this claim language was 
changed to "non-transitory computer readable storage medium" or "computer readable storage 
device" the 101 rejection would be overcome. 

Claim Rejections - 35 USC §103 
Claims 1, 3-9, 11, 12, 15, 17, and 20 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over in view of Cathey US 2002/0085560 in view of Holdsworth US 
2003/0188198 

As per claim 1 , 20 Cathey teaches determining a plurality of rules (packet classification), 
each of at least a subset of the rules having a plurality of fields (extracted fields of header 
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data) and a corresponding action (identify application programs to execute); and 
processing the rules to generate a multi-level tree representation (classification logic is 
configured as a decision tree), (Fig 5B, [0052], [0061], [0063]). Cathey teaches each of 
one or more of the levels of the tree representation being associated with a corresponding 
one of the fields (level one associated with source address, level two associate with 
destination address) [0063]. Cathey teaches at least one level of the tree representation 
other than a root level of the tree representation comprises a plurality of nodes (Header 
Check 2, Fig 5B, [0063], Cathey teaches at least two of the nodes at that level each 
having a separate matching table associated therewith (header check 2 checks Internet 
Protocol Destination Address and compares to predefined data, and address 
tables),([0063], [0067], [0078]). Although the predefined data is not stated as different in 
Cathey, it would be well known to those of ordinary skill that it would be different as 
decisions are made to sort data into different branches. [0064], [0067]. Holdsworth below 
provides additional support. Cathey teaches one level of tables corresponding to a 
different level with different entries [0064], Fig 5 B. 

Cathey fails to teach access control lists or explicitly state separate matching tables. 

Holdsworth teaches access control lists and separate matching tables (each node may 
have its own acl) [0048]. Holdsworth also supports that the values in nodes of the same 
level would be different, or separate ACL's would not be required. It is well known in 
the art that ACL's contain different values, see also [0104], [0106], [0107]. 
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It would have been obvious to one of ordinary skill in the art to use the ACL of 
Holdsworth with the decision levels and fields of Cathey because it allows security and 
access control to be performed to enhance network safety. 

As per claim 3, Cathey teaches the plurality of fields comprises at least first and second 
fields, the first field comprising a source address field and the second field comprising a 
destination address field [0063]. 

As per claim 4, Cathey teaches a final level of the tree representation comprises a 
plurality of leaf nodes (packet classification), each associated with one of the actions 
(choosing an application) of the plurality of rules (Fig 5B, [0063], [0083]). 

As per claim 5, Cathey teaches the root level of the tree representation includes a 
plurality of field values, each corresponding to a distinct source address in a first field of 
the plurality of rules (header check 1 at the rood may include a source address, compared 
to predefined source address table, ([0063] [0076]). 

As per claim 6, Cathey teaches a second level of the tree representation includes a 
plurality of nodes, each being associated with a subtree of a given one of the distinct 
source addresses of the root level of the tree (Fig 5B, [0063]). 

As per claim 7. Cathey teaches a given one of the second level subtrees identifies one or 
more destination addresses to be examined if the corresponding root level source address 
matches a source address of a given received packet, (header check 2 at the node may 
include a destination address, (Fig 5B [0063]). 
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As per claim 8. Holdsworth teaches a matching table at a given level of the tree 
representation other than a root level of the tree representation comprises at least a 
portion of a subtree identified by a particular field value from an immediately previous 
level (nodes may inherit parent ACL lists) [0058]. 

As per claim 9. Cathey teaches the tree representation is generated by associating a first 
node at the root level with a given value in a first field (source address) of one of the 
plurality of rules (packet classification), and then processing remaining field values 
(destination address) sequentially, with each value in turn being compared to one or more 
existing values (predetermined information) at the appropriate node(s) of the tree 
representation to determine if a match exists, and associating that value with a matching 
table (address table) at one of the nodes of the tree representation based at least in part on 
the determination (Fig 5B, [0063], [0067], [0078]. 

As per claim 1 1 . Holdsworth teaches the corresponding actions include at least an accept 
action and a deny action (allow, deny) [0051]. 

As per claim 12, Cathey teaches the step of storing at least a portion of the tree 
representation in memory circuitry accessible to the processor (stored in IRAM 
connected to packet classification engine) [0030]. 

As per claims 15, and 20 Cathey teaches a processor having memory circuitry associated 
therewith; the memory circuitry being configured for storing at least a portion of a multi- 
level tree representation (stored in IRAM connected to packet classification engine) 
[0030]. 
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Cathey teaches each of one or more of the levels of the tree representation being 
associated with a corresponding one of the fields; (extracted fields of header data). 
Cathey teaches the processor being operative to utilize the stored tree representation to 
perform a function (classify) [0030]. Cathey teaches at least one level of the tree 
representation other than a root level of the tree representation comprises a plurality of 
nodes, (Header Check 2, Fig 5B, [0063] Cathey teaches at least two of the nodes at that 
level each having a separate matching table associated therewith (header check 2 checks 
Internet Protocol Destination Address and compares to predefined data, and address 
tables),([0063], [0067], [0078]). Although the predefined data is not stated as different in 
Cathey, it would be well known to those of ordinary skill that it would be different as 
decisions are made to sort data into different branches. [0064], [0067]. Holdsworth below 
provides additional support. Cathey teaches one level of tables corresponding to a 
different level with different entries [0064], Fig 5 B. 

Cathey fails to teach access control lists or explicitly state separate matching tables. 

Holdsworth teaches access control lists and separate matching tables (each node may 
have its own acl) [0048]. Holdsworth also supports that the values in nodes of the same 
level would be different, or separate ACL's would not be required. It is well known in 
the art that ACL's contain different values, see also [0104], [0106], [0107]. 

Holdsworth teaches access control lists and separate matching tables (each node may 
have its own acl) [0048]. 
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It would have been obvious to one of ordinary skill in the art to use the ACL of 
Holdsworth with the decision levels and fields of Cathey because it allows security and 
access control to be performed to enhance network safety. 

As per claim 17. Cathey teaches the memory may be integrated with the classification 
engine on a controller [0040]. 

Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over in view of 
Cathey US 2002/0085560 in view of Holdsworth US 2003/0188198 in view of Miller 
US 2003/0005146 

As per claim 2, the previous Cathey-Holdsworth combination does not teach longest 
prefix matching. Miller teaches using the longest prefix matching (LPM) method, 
[0031]. 

It would have been obvious to one of ordinary skill in the art to use the LPM method of 
miller with the system of Cathey-Holdsworth to improve matching efficiency, [0015]. 

Claims 10, 13, 14, 16, 18, and 19 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over in view of Cathey US 2002/0085560 in view of Holdsworth US 
2003/0188198 in view of Gai US 6,651,096. 

As per As per claim 10, the previous Cathey-Holdsworth combination does not teach 
each of at least a subset of the nodes of the tree representation having values in the 
matching table are arranged in order of decreasing specificity. 
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Gai teaches each of at least a subset of the nodes of the tree representation having a 
separate matching table associated therewith, values in the matching table are arranged in 
order of decreasing specificity ( wildcards increase down the list) (Fig 5 A Source 
Address). 

It would have been obvious to one of ordinary skill in the art to use the list of Gai with 
the system of Cathey-Holdsworth in order to filter in order of desire. 

As per claim 13, the previous Cathey-Holdsworth combination does not teach the 
hardware and CPU used in implementing an ACL. 

Gai teaches the step of utilizing the stored tree representation to perform an access 
control list based function in the processor (teaches using ACL stored in CAM with CPU) 
(Col 4 lines 10-25). 

It would have been obvious to one of ordinary skill in the art to use the hardware of Gai 
with the system of Cathey-Holdsworth because a CPU is necessary to implement 
software. 

As per claim 14. Gai teaches the access control list based function comprises packet 
filtering (receipt and action for packet) (Col 4 lines 30-36). 

As per claim 16. Gai teaches the access control list based function comprises packet 
filtering (receipt and action for packet) (Col 4 lines 30-36). 

As per claim 18, Gai teaches the processor comprises a network processor (intermediate 
network device CPU) (Col 4 lines 7-10). 
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As per claim 19. Gai teaches the processor comprises an integrated circuit (CPU) (Col 4 
lines 7-10). 



Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to CHRISTOPHER J. BROWN whose telephone number is 
(571)272-3833. The examiner can normally be reached on 8:30-6:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Edan Orgad can be reached on (571)272-7884. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



/Christopher J Brown/ 

Primary Examiner, Art Unit 2439 
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